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DETAILED ACTION 

1. Claims 1-7, 13-20, and 27 have been re-examined. Applicant has cancelled 
claims 8-12 and 21-26 and added new claims 28-37. 

2. Claims 1-7. 13-20, and 27 remains rejected under 35 U.S.C. 102(b). 
Claims 28-37 are rejected under 35 U.S.C. 102(b). 

Claim Rejections - 35 USC S 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis 
for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
states. 

3. Claims 1-7, 13-20, and 27 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Abadi, Et Al. (US 5,268,962). 

As per claim 1: 

Abadi discloses a method for use in a device coupled to a communications 
channel, comprising: 

determining a security service to perform with a data block; (see col.3, lines 61- 
65 and col.4, lines 24-27; security service is the type of security rendered for the data 
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packet prior to transmitting the packet to the host/destination. Adadi determines the 
security measure needed for the packet according to the other host by identifying the 
encryption key needed to encrypt the data packet and its destination so that the packet 
will transmit to the proper host that can decrypt the packet.) 

generating security information to pass along with the data block, the security 
information identifying the security service; and (see col.4, lines 28-68 and col.8, line 60 
thru col.9, line 4; security information contained in the packet header includes key 
location, encrypted key value, key for encryption/decryption, and destination address, all 
of these information identifies the security service of the data packet) 

processing, in a computer peripheral device adapted to the communication with 
the communications channel, the data block according to the security information; (see 
col.4, line 64 - col.5, line 33; the network controller 116 is considered as the claimed 
computer peripheral device because it is a computer component connected to the host 
computer D via the DMA interface.) 

As per claim 2: see col.3, lines 61-65 and col.4, lines 24-27 (security service is the 
type of security rendered for the data packet prior to transmitting the packet to the 
host/destination. Adadi determines the security measure needed for the packet 
according to the other host by identifying the encryption key needed to encrypt the data 
packet and its destination so that the packet will transmit to the proper host that can 
decrypt the packet); discusses performing cryptographic processing of the data block. 
As per claim 3: see col.6, lines 7-63 and FIG.3; discusses receiving the data block 
from a software routine and routing the processed data block back to the software 
routine after processing. 
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As per claim 4: see col.7, line 63 - col.9, line 3; discusses determining if the 
security service can be perfornned by the computer peripheral device and if not, 
processing the data block according to the security service in a software routine instead 
of the computer peripheral device. 

As per claim 5: see coL3, lines 55-65; discussing the Internet Protocol Security. 
As per claim 6: 

Abadi discloses a method for use in a device including a computer peripheral 
device adapted to control communication with a transport medium, comprising (FIG.3 
and FIG.5b): 

receiving data from a routine in the device; (see col.4, lines 47-58 and col.5, 
lines 52-55) 

sending the data to the computer peripheral device to perfomn cryptographic 
processing. (See col.5, lines 30-31 and col.6, lines 25-40 and 67-68; the network 
controller 116 is considered as the claimed computer peripheral device because it is a 
computer component connected to the host computer D via the DMA interface and 

cryptographicprocessing is the process of encryption or decryption.) - _ 

As per claim 7: see ccl.5, lines 1-33; discusses sending the data to the computer 
peripheral device at least one more time to perform further cryptographic processing. 
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As per claim 13: 

Abadi discloses an article including a machine-readable storage medium 
containing instructions for execution in a system including a computer peripheral device 
adapted to control communication with a communications channel, the instructions 
when executed causing the system to: (see FIG.3) 

receive a data block from the computer peripheral device; (see col.5, lines 52- 

55) 

determine from information in the data block if a security service has not been 
performed on the data block by the computer peripheral device; and 
(see col.3, lines 61-65 and col.4, lines 24-27; security service is the type of security 
rendered for the data packet prior to transmitting the packet to the host/destination. 
Abadi determines the security measure needed for the packet according to the other host 
by identifying the encryption key needed to encrypt the data packet and its destination 
so that the packet will transmit to the proper host that can decrypt the packet.) 

process the data block if the security service has not been performed on the data 
block by the computer peripheral device. (See col.4, lines 30-31 and col.6, lines 67-68; 
the network controller 116 is considered as the claimed computer peripheral device 
because it is a computer component connected to the host computer D via the DMA 
interface and cryptographic processing is the process of encryption or decryption.) 
As per claim 14: see col.7, line 63 - col.9, line 3; discussing the instructions 
causing the system to retrieve security information associated with the data block and 
sent the data block and security information to the computer peripheral device to 
perform the security service. 
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As per claim 15: see col.6, lines 7-63; discussing the instructions causing the 
system to perfomri the security service on the data block. 

As per claim 16: 

Abadi discusses a controller for controlling communications with a transport 
medium (see FIG.3), the controller comprising: 

a receiving circuit to receive data and associated security control information, the 
security control information identifying a security service to be performed on the data; 
and (see col.3, lines 61-65, col.4, lines 24-27 and col.5, lines 46-55; security service is 
the type of security rendered for the data packet prior to transmitting the packet to the 
host/destination. Adadi determines the security measure needed for the packet 
according to the other host by identifying the encryption key needed to encrypt the data 
packet and its destination so that the packet will transmit to the proper host that can 
decrypt the packet.) 

a cryptographic engine to cryptographically process the data based on the security 
control information, the cryptographic engine being in the computer peripheral device. 

(See col.4, lines 30-31 and col.6, lines 67-68; the network controller 116 is 
considered as the claimed computer peripheral device because it is a computer 
component connected to the host computer D via the DMA interface and cryptographic 
processing is the process of encryption or decryption.) 

As per claim 17: Abadi discusses the storage device containing information 
identifying security services to be performed (see coL3, lines 61-65 and col.4, lines 
10-27), the received security control information selecting a portion of the security 
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sen/ices information in the storage device (see col.8 lines 3-44), wherein the 
cryptographic engine processes the data according to the selected portion of the 
security services information, (see col. 5, lines 7-33 and coL9, lines 5-15) 
As per claim 18: see col.8, lines 36-51; discussing a device adapted to change the 
contents of the storage device to update the security services information, [it is inherent 
in the art that updating to make sure the system doesn't have outdated or unnecessary 
data and updating inherently helps the security of a system operate more efficiently.] 
As per claim 19: see col.8, lines 36-51; discussing a device adapted the security 
services information based on a predetermined replacement policy, 
[it is inherent in the art that a replacement policy ensures the system doesn't have 
outdated or unnecessary data that would cause the system to slow down or takes longer 
period of time to process and because a replacement policy inherently further helps the 
security of a system.] 

As per claim 20: see col.8, lines 5-44; discussing the security services information 
includes security association information. 

As per claim 27: see col.6, lines 25-46 and FIG.6; discusses a cryptographic 
engine to perform cryptographic processing on the received data. 
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Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or 
in public use or on sale in this country, more than one year prior to the date of application for 
patent in the United States. 

4. Claims 28-37 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Caputo, et al. (US 5,546,463). 

As per claim 28: 

Caputo discloses a method for use in a device coupled to a communications 
chnnnel, comprising: 

determining a security service to perform with a data block; [see col.6, lines 18- 

33] 

generating security information to pass along with the data block, the security 
information identifying at least one of an encryption algorithm [see coL5, lines 44-50] 
and an authentication algorithm [see co7.6, lines 7-16] to be performed by the security 
service; and [see col.4, lines 30-44] 

processing, in a computer peripheral device adapted to control communication 
with the communications chnnnel, the data block according to the security information, 
[see col.2, lines 20-63] 
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As per claim 29: see col.5, lines 21-23; discusses the processing includes 
performing cryptographic processing of the data block. 

As per claim 30: see col. 8, lines 47-54; discusses receiving the data block from a 
software routine and routing the processed data block back to the software routine after 
processing. 

As per claim 31: Caputo discloses a the method of claim 28, further comprising: 
determining if the security service can be performed by the computer peripheral 

device; and [see col.6, lines 18-51] 

if not, processing the data block according to the security service in a software 

routine instead of the computer peripheral device, [see col.8, lines 47-54] 

As per claim 32: see col., lines ; discusses identifying a security service 

according to an Internet Protocol security protocol. 

As per claim 33: 

Caputo discloses a controller for controlling communications with a transport 
medium, the controller comprising: 

a receiving circuit to receive data [see col.5, lines 11-15 and col.8, lines 1 0-16] 

and associated security control information, the security control information identifying 
at least one of an encryption algorithm [see col.5, lines 44-50] and an authentication 
algorithm [see col.6, lines 7-16] to be performed on the data; and [see col.4, lines 30- 
44] 
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a cryptographic engine to cryptographically process the data based on 
the security control information, the cryptographic engine being a computer 
peripheral device, [see coL2, lines 20-63 and coL5, lines 17-24] 
As per claim 34: see col.5, lines 19-20; discusses a storage device containing 
information identifying security services to be performed, the received security control 
information selecting a portion of the security sen/ices information in the storage device, 
wherein the cryptopaphic engine processes the data according to the selected portion of 
the security services information. 

As per claim 35: see col.7, lines 20-25 and 45-47; discusses a device adapted to 
change the contents of the storage device to update the security services information, 
[it is inherent in the art that updating to make sure the system doesn't have 
outdated or unnecessary data and updating inherently helps the security of a 
system and to operate more efficiently] 

As per claim 36: see col.7, lines 20-25 and 45-47; discusses the device is adapted 
to update the security services information based on a predetermined replacement 
policy, [it is inherent in the art that a replacement policy to makes sure the 

sj^tem doesn't have . outdated or unnecessary data that would cause-the system - 

to slow down or takes longer period of time to process and because a 
replacement policy inherently further helps the security of a sjrstem] 
As per claim 37: see col.5, lines 44-50 and col.6, lines 7-16 ; discusses the 
security services information includes security association information. 
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Conclusion 



Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to LEYNNA T. HA whose telephone 
number is (571) 272-3851. The examiner can normally be reached on Monday 
- Thursday (7:00 - 5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached on (571) 272-3859. The fax 
phone number for the organization where this application or proceeding is 
assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. ' Status information 
for published applications may be obtained from either Private PAIR or Public 



PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see 
http://pair-direct.uspto.gov. Should you have questions on access to the 
Private PAIR system, contact the Electronic Business Center (EBC) at 866-217- 
9197 (tolffree)^. 
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